Vulnerabilities > Automattic

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor / CWE | Risk |
|---|---|---|---|---|---|---|---|
| 2021-06-01 | CVE-2021-24329 | Unspecified vulnerability in Automattic WP Super Cache | The WP Super Cache WordPress plugin before 1.7.3 did not properly sanitise its wp_cache_location parameter in its settings, which could lead to a Stored Cross-Site Scripting issue. | network | low complexity | automattic | 5.4 |
| 2021-04-05 | CVE-2021-24209 | Code Injection vulnerability in Automattic WP Super Cache | The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. | network | low complexity | automattic CWE-94 | 7.2 |
| 2020-07-20 | CVE-2020-8215 | Classic Buffer Overflow vulnerability in Automattic Canvas | A buffer overflow is present in canvas version <= 1.6.9, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image. | network | low complexity | automattic CWE-120 | 8.8 |
| 2020-02-12 | CVE-2013-2010 | Injection vulnerability in multiple products | WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | network | low complexity | boldgrid automattic CWE-74 | critical 9.8 |
| 2020-02-07 | CVE-2013-2009 | Unspecified vulnerability in Automattic WP Super Cache 1.2 | WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution | network | low complexity | automattic | 8.8 |
| 2020-02-07 | CVE-2013-2008 | Cross-site Scripting vulnerability in Automattic WP Super Cache 1.3 | WordPress Super Cache Plugin 1.3 has XSS. | network | low complexity | automattic CWE-79 | 6.1 |
| 2019-12-26 | CVE-2013-2011 | Improper Encoding or Escaping of Output vulnerability in Automattic W3 Super Cache | WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. | network | low complexity | automattic CWE-116 | 8.8 |
| 2019-08-28 | CVE-2015-9359 | Cross-site Scripting vulnerability in Automattic Jetpack | The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg(). | network | low complexity | automattic CWE-79 | 6.1 |
| 2019-08-28 | CVE-2015-9357 | Cross-site Scripting vulnerability in Automattic Akismet | The akismet plugin before 3.1.5 for WordPress has XSS. | network | low complexity | automattic CWE-79 | 6.1 |
| 2019-07-18 | CVE-2016-10763 | Cross-site Scripting vulnerability in Automattic Camptix Event Ticketing | The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body. | network | low complexity | automattic CWE-79 | 4.8 |